Senior Security Engineer

KUBRA is excited to announce the hiring of a talented Senior Cloud Security Engineer to join our dynamic team! This pivotal role focuses on designing, optimizing, and maintaining a secure computing environment with a strong emphasis on application and cloud security. As a Senior Cloud Security Engineer, they will play a critical part in ensuring KUBRA's security standards are consistently met, implemented, and reviewed across both on-premises and online platforms. Their expertise will help shape a resilient security framework for KUBRA’s technology, driving innovation and trust in our cloud and application environments!
This is a HYBRID role located in Mississauga, Ontario.

What you get to do every day!

• Identify and provide guidance on appropriate controls based on industry standards to drive cloud and customer security solutions framework based on business risk and cloud native threats
• Develop and implement cloud security architectures focused on AWS 
• Assist in developing an overall organizational data strategy that is in line with business processes and contractual requirements
• Establish and enforce secure application development practices, including secure coding, threat modeling, SAST/DAST and vulnerability management.
• Conduct security assessments of cloud infrastructure, applications, and CI/CD pipelines.
• Provide security guidance and best practices to Product and Service Delivery teams.
• Define and implement security policies, standards, and procedures for cloud and application security.
• Work with engineering and operations teams to integrate security controls within cloud-native services.
• Lead security reviews, architecture assessments, and risk analysis for new and existing applications.
• Monitor security trends, vulnerabilities, and threats in cloud and application security domains.
• Collaborate with compliance teams to ensure adherence to regulations such as PCI-DSS, SOC 1/2, ISO 27001 etc
• Respond to security incidents and provide expertise in forensic analysis and remediation.
• Design and implement network security controls, including firewall configuration and management.
• Manage firewall solutions such as Akamai and cloud-native security services to protect applications and infrastructure.
• Ensure robust network security by implementing intrusion detection/prevention systems (IDS/IPS), web application firewalls (WAFs), and DDoS mitigation strategies.
• Design and implement database security controls, including data encryption, access control, and monitoring.
• Conduct database vulnerability assessments and ensure compliance with security policies.
• Work with database administrators to apply security best practices to relational and NoSQL databases.
• Implement data masking, tokenization, and audit logging for sensitive data protection.
• Develop and implement Infrastructure as Code (IaC) security best practices to ensure secure provisioning and configuration of cloud resources.
• Ensure security is embedded in IaC templates using tools like Terraform and AWS Cloud Formation.
• Perform security architecture design reviews and provide recommendations to improve the security posture of KUBRA’s application, database, and cloud platforms
• Perform periodic testing, code analysis, and security assessments of KUBRA owned applications 
• Govern Watch over cloud security systems for change and configuration control thereby suggesting changes to further improve the overall security posture.
• Partner with DevSecOps, Application and Infrastructure teams to ensure any vulnerabilities or issues are resolved per security guidelines 
• Stay up to date with current cyber security risk and analyze trends to proactively prevent problems.
• Assist in developing an overall organizational data strategy that is in line with business processes and contractual requirements

What kind of person should you be?

• Excellent verbal, written and interpersonal skills
• Ability to detail and effectively discriminate relevant logs / security events
• Ability to handle multiple tasks and projects concurrently
• Excellent written and verbal communication skills
• Ability to plan and manage complex security projects, and meet the deadlines
• Excellent organization, time management and problem-solving skills
• Ability to handle pressure under minimum or no direct supervision

What skills do you need?

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
• 7+ years of experience in cybersecurity, with a focus on Security Architecture, cloud and application security.
• Strong knowledge of cloud security frameworks (AWS Well-Architected Framework, CSA-CCM, CIS Controls).
• Experience with securing cloud-native applications, microservices, and containerized environments (Kubernetes, Docker).
• Expertise in secure software development practices, including OWASP Top 10 and SAST/DAST methodologies.
• Familiarity with DevSecOps principles and tools such as Terraform, GitHub Actions, or AWS CodePipeline.
• Hands-on experience with identity and access management (IAM), encryption, and key management.
• Proficiency in scripting and automation using Python, Bash, or PowerShell.
• Experience with firewall technologies, network security principles, and secure network architecture design.
• Experience with database security, including best practices for relational and NoSQL databases.
• Experience with Infrastructure as Code (IaC) security and automation using Terraform, AWS CloudFormation, or similar tools.
• Industry certifications such as CISSP, CCSP, AWS Certified Security, or GIAC are preferred.

What can you expect from us?

• Award-winning culture that fosters growth, diversity and inclusion for all
• Paid day off for your birthday
• Access to LinkedIn learning courses
• Bi-annual performance-based bonus
• Continued education with our education reimbursement program
• Flexible schedules
• Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
• Two paid days for volunteer opportunities
• A free premium membership for ‘Headspace’; an app geared towards mental health and wellbeing
• Access to Perkopolis retail discounts
• Generous benefit coverage with low premiums (+ a Health Care Spending Account)
• RRSP Matching

KUBRA is an equal opportunity employer dedicated to building an inclusive and diverse workforce. We will provide accommodations during the recruitment process upon request by emailing recruitment-team@kubra.com. Information received relating to accommodation will be addressed confidentially. We thank all applicants for their interest; however, only candidates under consideration will be contacted.
While we value the skills and experiences listed in our job requirements, we also recognize that talent comes in many forms, and welcome applications from candidates who meet most but not all specified requirements. If you possess a strong desire to learn and grow in a dynamic work environment, apply now!
KUBRA is a fast-growing company that delivers customer communications solutions to some of the largest utility, insurance, and government entities across North America. KUBRA offers billing and payments, mapping, mobile apps, proactive communications, and artificial intelligence solutions for customers. With more than 1.5 billion customer interactions annually, KUBRA services reach over 40% of households in the U.S. and Canada. KUBRA is an operating subsidiary of Hearst. Our office is small enough to allow creative individuals to flourish, yet large enough to provide long-term stability. We place a tremendous amount of responsibility on our team members to be productive, focused and self-motivated. We offer a casual work environment, competitive compensation and a stellar benefits program. 
KUBRA does not typically provide immigration-related assistance, including employment-based work visa (e.g. H-1B) sponsorship, work permit applications and extensions, permanent residence (green card) sponsorship, LMIA applications or permanent residency nominations. Candidates must ensure they have legal authorization to work in the U.S/ Canada. All sponsorship determinations are case by case based on business need.